diff options
author | Jiaying Song <jiaying.song.cn@windriver.com> | 2025-07-03 13:28:24 +0800 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2025-07-06 19:23:22 -0400 |
commit | 32200384c737234abf5ef1bbd6825095298e589a (patch) | |
tree | a5c47b6b5acd1e002824d17ddccb16a28add75bb /meta-perl/recipes-perl/libxml/libxml-libxml-perl/using-DOCB-conditional.patch | |
parent | 6b9b9658e67e14b20cee33572f5dac0ec02e5496 (diff) | |
download | meta-openembedded-32200384c737234abf5ef1bbd6825095298e589a.tar.gz |
python3-pycares: fix CVE-2025-48945
pycares is a Python module which provides an interface to c-ares. c-ares
is a C library that performs DNS requests and name resolutions
asynchronously. Prior to version 4.9.0, pycares is vulnerable to a
use-after-free condition that occurs when a Channel object is garbage
collected while DNS queries are still pending. This results in a fatal
Python error and interpreter crash. The vulnerability has been fixed in
pycares 4.9.0 by implementing a safe channel destruction mechanism.
References:
https://nvd.nist.gov/vuln/detail/CVE-2025-48945
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-perl/recipes-perl/libxml/libxml-libxml-perl/using-DOCB-conditional.patch')
0 files changed, 0 insertions, 0 deletions